Google's previously announced enhancement to the Verify Apps framework is rolling out to users now, according to the official Android blog. Your device already has the standard Verify Apps system built-in that scans at the time of installation, but the new version will be watching all the time for suspicious activity.

Verify Apps compares each app you install with known malware signatures, but there's always a possibility you are downloading a form of malware that hasn't been identified yet. An app might also install malicious code by some means after it has passed through the filter successfully. That's why Google is ramping up its scanning system. Constant monitoring ensures viruses and malware won't be able to hide on your phone or tablet.

Google says fewer than 0.18% of installs in 2013 triggered the malware scanner, so it's not too likely you're ever going to need the malware scanner, but it's nice to know it's there. The update should arrive via Google Play Services without any user interaction in the near future.

Comments

android need ios or bb10 like security system, that users can allow or disallow permissions to every app. every custom rom ported this feature to 4.4.2, shame on you google!

Aooga

AppOps?

Francisco Franco

Shame on you for not reading why Google did not add that. That AppOps feature is an in-house framework for testing purposes, it was never intended to be available on Android as is. Their reasoning is that the current UI is overly complicated and put in wrong use will break apps and then users will go complain to the app developers.

moelsen8

they shouldn't try to compensate for stupid. they could've buried it in settings like how developer options is or something like that. add some scary warning messages.

Francisco Franco

Yeah sure, look what adding ART as experimental feature done...

moelsen8

huh? ..those who cared and wanted to try it were able to. the general public was protected from themselves.

Francisco Franco

No the general public started to use ART and then complained to the app developers because stuff was broken. I'm an app and Kernel developer, my day to day was deal with shit like that for months.

moelsen8

oh wow, now i recognize your name. i get what you're saying, that really sucks. i don't know. guess it's easy to say people should have some accountability for their own crap.

Francisco Franco

Unfortunately you cannot count on users to behave like they should, that's why I replied to the first post with what I wrote.

Cj

He is right, ART became a "buzz word" with Android enthusiasts. While the very basic users still may not know it existed, others have heard rumors of this remarkable hidden feature that boosts battery life and adds snappiness to your device. And without gathering further knowledge of what exactly ART does, a LOT of users simply turned it on because it makes things "faster"

Matthew Fry

Thank you to AP for doing the tests and finding the differences... minimal at best.

Sourav Gupta

Don't be a developer if you are not ready to face complains, even if they come for completely different reason and not related to your app.

This might have been Google's objective. If they want to transition to ART, and if doing so will break some legacy apps, this was Google's way of slowly forcing devs to update, without having the same disaster amount of complaints that would have happened if Android 5 released with Art default and they had no time for devs to fix their stuff.

Francisco Franco

Of course it was targeted to devs, that is alright, but dumb users started using it without a single fucking clue and then blame us for their own shit.

didibus

Ya, that's probably the media's fault. Devs shouldn't have received the blame for being "incompatible". It's a shame that non technical users who did somehow enable Art don't understand the situation and blame devs for it.

Squirett

It's not because the UI, it's because Google don't want user to disable in-app advertisement..

Francisco Franco

No. Search for Dianne Hackborn explanation if you want to learn something useful.

Imparus

You can't turn of in app adds with appOps and other app that deal in privacy. You are clearly confusing in-app advertisement with targeted add, which only change will be them becoming more irrelevant for you :-/

matteventu

You can deny network (Wi-Fi and mobile data) permissions, so the app will no more show the ads since it doesn't find connection.

Imparus

Pretty much every app use syncing, the cloud, or need to access web content, so they wouldn't work without that permission(and if normal people turned that permission off they would probably be fucked) together with the fact that quite a few have designed their app so it got room for the add. Also yes it is an permission, but the one Google had didn't have the option to turn that permission off. You can always install an adblock app if this is just about people not wanting to see ads.

didibus

Emexci Life's comment is spot on. Android must and I'm sure is already working on a system to do just that. The fact that they had not planned for it make their current implementation of such a security feature cumbersome. Since they are stuck with all these legacy apps who don't account for the possibility of having permissions denied to them post-install. It doesn't mean Android doesn't need this feature, if they want to be considered a modern OS, for years to come, I believe it is imperative that they make this happen.

Syukri Lajin

NO. Developers are the one that should have implemented a better way of handling permissions, and giving options to the user to enable or disable some of the non-essentials usage of permissions. What Google should do is require all the apps to have a list of essential permissions and optional permissions, and the user should be able to choose either to enable or disable the optional permissions through some sort of interface in the app itself instead of a system wide implementation.

Sir Perro

Please... Changing permissions on the fly is just a nice way to make your apps unusable.

And please stop thinking you guys are the only intelligent android user in this world..

Sir Perro

Sorry but Google and Android should aim to be consistent and robust. Developers can't afford having unreliable permissions for the wider audience.

Put it that way. App needs access to the camera, ie. Instagram. Grandma unchecks the permission for that. All of a sudden Grandma faces problems with the app, and have no idea why. This situation is RIDICULOUS for the mainstream and has big implications for android.

Do we need THAT level of granularity? Short answer, NO. Not even close. If you don't want an app to be installed, don't. If you think the app is malware, report it. Otherwise there's no reason to install the app and try to apply some customization the app is not ready to take.

For the critical stuff Android provides already that. GPS, network access, etc... As an app developer you should bother to check if the GPS is on or not, but having to worry about grandmas removing permissions to check battery level or use the camera is PLAIN STUPID, and would make Android a useless buggy piece of shit.

That IS.NEVER.GONNA.HAPPEN, because google will never allow it, hidden or public menu, so you better live with it

mildmanneredjanitor

I can't even imagine needing this kind of crap on my phone.
Very happy (ex-Android) Windows Phone user.

its ok, because the Nexus 5 is a shining beacon of excellent battery life...oh wait. T_T

clay

the vzw gnex called, it says "you know nothing jonnn snnooowww"

Matthew Fry

A 3 year old battery will do that to ya.

clay

i replaced it with an n5 day 1, just saying it was far worse overall

Matthew Fry

Just teasin'. I know the gnex was known for its poor battery life and the vzw version well known for not getting updates.

Simon Belmont

I managed to get great battery life out of my G'Nex, with everything syncing, and using it heavily day to day. The difference from the people that complain?

They had a Verizon or Sprint G'Nex. Mine was GSM. The first generation LTE chips in those CDMA G'Nex phones chewed through battery life. There's a reason they made the battery slightly larger in the Verizon and Sprint variants.

Jonathan Zelayandia

i had a Gnex...loved its feel and everything. but that battery...man that battery. and then the charging port broke and it was in a constant state of thinking it was charging while not really charging...such a mess.

jumped ship for the HTC One and then ditched that one when i had one of the defected cameras (purple/blue tint in dark photos making it impossible to focus) for the Nexus 5...much improved battery over the Gnex, but still far from the best.

Matthew Fry

That's alright. It's almost always awake because of Google Now and the "wifi scanning" anyway.

Francisco Franco

No.

Matthew Fry

It's the biggest wakelock on my devices.

Francisco Franco

Wi-Fi always scanning is totally unrelated and it doesn't wakelock anything, it just keeps the Wi-Fi chip in a low power state mode. Google now wakelocking does not happen anymore since the last couple Google Search updates.

Matthew Fry

Ooooh... I admit I haven't looked in the last month or so.

Francisco Franco

Sometimes we have to think before we post - its what you should've done. Let it be a lesson to future posts from other users who first post, then think.

Matthew Fry

Just because you make a popular kernel doesn't give you license to be a jerk. I apologize for not being as up to date on Google search updates as you are.

Francisco Franco

I was not being a jerk, I was saying the truth.

David Hart

Haters gonna hate when I roll and skate.

Simon Belmont

Yeah. I have to agree that he came off a bit snotty in that last post, even if he does have a point.

One can get a message across without ruffling too many feathers, if they try. There's a difference between correcting someone's mistake and being rude.

The average user wouldn't know how to used it, the only reason IOS and BB10 are secure its due to the survailance of all the apps by the company. Open market means expose to malvare, the same way a Windows user is expose and gets virus..

saf1927

You don't need to "use" it. It sits there and does everything on its own.

Ryuuie

...You do know that Mac OS isn't invulnerable, right?

I mean, sure Macs aren't popular machines to put malware on since they're not really used in important places such as banks or whatnot, but they ARE able to get them.

It's worked fine for me since the Nexus One. No AV software and no virus'. Wow! It's magic.

Eric S

It's worked fine for me since the Nexus One. No AV software and no virus'. Wow! It's magic.

didibus

How do you know you don't have a virus, if you've got nothing to detect it?

Francisco Franco

Because? I'm a developer, I know my device better than I know the palm of my hands. Same thing why I don't run anti virus on any of my computers since ever, I know what I'm doing and don't open dodgy shit that scream problems all over.

didibus

Sure, you know your device inside out. A doctor probably doesn't need another doctor to know he's got the flu. But people that don't know their device like the palm of their hands, what about them? Do you still advice them never to use any app labeled Anti-Virus...?

tekfr33kn

Actually, he does know his devices. Francisco is the developer of one of the more popular kernels for the Nexus 5. Many other developers package it with their ROM. While I don't agree with his premise about use of an AV, I certainly agree that he knows his devices well. So try to show a little respect before you troll. You only come out looking foolish otherwise.

Grace

But the point is not whether or not Francisco knows his android well; he is a dev and an accomplished one so I would expect that; the question is whether or not the rest of us should use one to protect ourselves. There is nothing trolling or foolish about that.

didibus

I know who he is, and you should probably re-read my comment.

If I wasn't clear enough, I understand he might have the knowledge to tell if his device is compromised or even to use his device in ways that will not make it vulnerable. On the other hand, for everyone else who are simple users and not experienced devs like Franco, would he also tell them they don't need an AV?

Kashmieer

Smells like Fake.

David Hart

You're smelling all this BS about viruses. - That's the real Franco, don't believe me? look at all his posts from Disqus, they're 80% related to Android and very knowledgeable.

Google is doing this to be a business class OS. End of story.
They want that sweet user pot that Blackberry/iOS has had for a while.

By simply staying smart, keeping your eyes open, and reading before you act, will keep you out of trouble.

I have *never* used an AV. It's like getting a flu shot.... more harm then good.

Maxime Henrion

This is simply bullshit. You completely disregard malware that doesn't rely on the user to install itself but uses known vulnerabilities (in the OS or applications) as the vector of infiltration. No amount of knowledge of your device will save you from that and neither will being a developer.

didibus

Exactly, and given the fact that Android lacks a patching system, such threats discovered in the OS, maybe a bluetooth hack, a wifi bug, a problem with the encryption libraries, OpenSSL anyone (affecting Android 4.1.1)? Those would go unpatched until the device is upgraded to the next version of Android, which we know, often never happens.

Wesley Modderkolk

Fun fact, infections often happen by security flaws in either the browser or the operating system, no user needed! I really would have expected an developer to know that.

Dracus

I'm right there with you. Never have and even advise against them. They are not needed if you use common sense.

didibus

How do you know you don't have a virus, if you've got nothing to detect it?

Sir Perro

I've had quite a good luck for years, uhu

Grace

I use malwarebytes on my windows machine and on my phone. Love it on both.

bL4Ck

That's just a placebo warning, and virus/malware can't install by themself in your device if you don't manually install an apk, all avast does is notify you that a website has shady code in their page, like those pages that pop advertisements with android 1.5 style error messages saying that your phone is infected, that's no different from a shady adv that you can get on your desktop browser, if you don't install anything nothing is going to force download and install in your phone/desktop.
Instead of running useless crapware that drains battery and gives nothing use common sense, a secure browser and don't install anything from unknown sources.

MJ

"Don't install shady shit and you need not worry."

You do know malware can infect you not just by installing software, yes? Just yesterday I mistyped a URL and BAM! my AV software pops up giving me a virus blocked warning...

You are not that guy who doesn't use a condom because never sleeps with "shady woman" are you?

Steve Secor

If you feel more comfortable with AV software, that's your choice. I currently don't run it on my PC and I've never ran it on Android.

As to your last question, I consider that rather offensive.

MJ

It's not an issue of being comfortable but me not wanting malware on my Windows PC. You would have a better case if are talking about Linux or Macs (nothing to do with them being more secure but not being targeted like Windows).

Sorry you if you are sensitive but that question served well as part of my counter argument to your incorrect statement which really worries me as other idiots are up-voting your original comment.

Dhruv Aggarwal

Do you know that android is based on linux??

MJ

Do you know your comment is not relevant to this sub-discussion?

I am taking about the need for AV software on a PC, NOT a mobile phone in response to Steve Secor's statements "I still believe the best malware/virus scanner is One's brain. Whether it be android or a PC" and "I currently don't run it on my PC...".

But thanks for your concern...

Cheeseball

You won't get malware on your PC if you don't surf questionable (doesn't necessarily mean pr0n or warez sites), run unknown executables and regularly install critical OS updates. That's common sense for the above-average PC user.

But I understand the need for AV/firewall software for the common PC user. They usually don't pay attention to protecting their PC (with the argument being "they shouldn't need to") and forego regular maintenance.

MJ

Sigh... Once again, my example was a mistyped URL that anyone could do by accident, even a seasoned computer technician like myself. I guess you have never read any of the stories about legitimate everyday sties that have had malware infected ads? A friend or relative uses your computer?

People, AV software is free so there no reason to not have it running on your PC. Anyone who wants to say it slows down your computer please stop rocking the Pentium III machine and upgrade.

Cheeseball

Please provide an example URL. Malware cannot run without user intervention or through an exploit in the user's preferred browser.

AV software (free or subscription-based) does not necessarily slow down a PC (unless said PC lacks sufficient memory and or CPU power), but uses up resources that can be used for something else, like gaming or multi-window productivity.

MJ

" Please provide an example URL." Really?

"...or through an exploit in the user's preferred browser." Sounds like a good reason to run some AV software (malware exists that does not require user intervention).

"AV software (free or subscription-based) does not necessarily slow down a PC..." Thanks for agreeing with me.

"but uses up resources that can be used for something else, like gaming or multi-window productivity." I use Avast and it has a gaming mode on a two year old PC that have no problems running multiple programs at the same time.

Why am I still arguing it's a good idea for everyone to run AV software on a Windows PC again?

Cheeseball

Yes, really. I would like to see this website that tripped your anti-virus and determine if it still required user intevention or if it attempted to exploit a known vulnerability in a modern browser.

Avast's gaming mode only prevents it's own pop-ups (in case there are new virus definitions available) while using full screen software, which are usually games. It is still using resources.

A better argument would be for encouraging common PC users to run AV software, as they are the ones that don't usually pay attention to maintaining their PC, or corporations that have to manage multiple workstations. Not everyone needs AV software, especially power users and enthusiasts.

MJ

Dude, this is getting ridiculous... I don't know of a URL of website that has malware on it, off the top of my head. You already conceded malware can exploit known (or unknown) vulnerabilities in a browser which is a reason right there to run AV software.

You are using nikpik reasons for not using AV software. Yes, a power user or enthusiast probably won't be infected with malware but it is possible. I work in IT dept. with a staff of like 20 that manages over 1,000 computers at over 30 locations. I don't know of any of my co-workers that doesn't use AV software on any personal Windows computers.

I think this discussion has run it's course but thanks for playing...

Cheeseball

Realize that I am not arguing the usage of anti-virus software in general, but arguing your claim that "it's a good idea for everyone to run AV software", when there are many users (although they are not the majority) who are capable of surviving everyday 'net usage without having one installed and not being infected due to practicing good surfing habits.

You already conceded malware can exploit known (or unknown) vulnerabilities in a browser which is a reason right there to run AV software.

This is a reason to keep the web browser updated to the latest stable and report the exploit to the developers to close the security hole. It's not a reason to run an AV as modern browsers are already sandboxed and the exploits would not have system access.

MJ

WTF are you taking about? You do know updating does nothing for zero days and there are things like Flash and other plugins that can be exploited. I am not out searching for unknown exploits that affect my browser. What the hell are you talking about? <-- That was rhetoric...as in I don't need an answer. I think you are just trolling now or didn't take your meds. Thank God this slow work day is about over and won't be checking this thread anymore.

Cheeseball

And you're just arguing for the sake of arguing because you still want to prove that everyone *needs* an anti-virus when not everyone does.

Good day. And thanks for losing out due to ad hominem since you think I'm trolling.

MJ

I should have said was browsing on my PC when mentioned my mistyped URL example but my second comment should have clarified that...

Dhruv Aggarwal

Do you know that android is based on linux??

Steve Secor

If you feel more comfortable with AV software, that's your choice. I currently don't run it on my PC and I've never ran it on Android.

As to your last question, I consider that rather offensive.

abobobilly

Lets see how many android or linux virus you can infect your devices with.

Linux is more secure than you can imagine. And having an antivirus app on Android is a disgraceful act.

As for 'having mind comfort' ... BS. Its just a license for people to install crazy apps, and without thinking for a second.

MJ

abobobilly, please refer to my comment to Dhruv Aggarwal above... Do people even read the comments they reply to anymore?

abobobilly

You mean the comment you made almost 4 hours ago, against MY comment which i made 10 hours ago?

Sure ...

MJ

The comment I made 4 hours ago was referring Dhruv Aggarwal and then you did not read my prior comment that is now 19 hours old. Sigh - READ READ READ the whole thread...

christina

This entire google/gmail/ security crap does not need to be attacted to a damn cell phone!!! I hate it!! Im always having to reset my phone!

abobobilly

Well, since people are concerned ... about security, they had to. Besides, its essential in a 'smartphone' no?

David Hart

While initial scare tactics may be http, the payload must be an executable targeted to specific systems in order to get beyond a simple annoyance and become a true virus.

Metadroid

There goes my battery life..

Mikeb3ll

Right down this dark alley is where I sell brand name TV's for 80% off with warranty! Please walk this way for deals!

didibus

There's a couple of high risk but low threat exploits that are always a possibility. For example, exploits could be found in the SMS and MMS functionality, or in any of Android's browsers or even inside an App. Sometimes, such exploits affect a legitimate app. So say Chrome was exploitable, you'd be at threat, even though you didn't install any shady shit.

Another possibility is app forgery, sometimes real website are hacked into, and contaminated with viruses, browsing to such site seems smart, since it is a legitimate site, but it has gotten infected and is now a threat. Similarly, an APK could be affected. Though the chances of that if installing from Google Play are low, this is mostly an issue if installing from an unknown source.

bL4Ck

That's called Common Sense 2.0, everyone should install it into their brain.

Marcus

Why do they place a screenshot of Android 4.3 in their KitKat-Device?

Matthew Fry

I think they just took the first promo image and added new bold text to it.

... No, it doesn't have anything to do with it, really, I shamelessly reckon that :)

WORPspeed

"Google says fewer than 0.18% of installs in 2013 triggered the malware scanner, so it's not too likely you're ever going to need the malware scanner"

That could also be a very bad thing depending on what the total amount of installed malware actually was. I can create a malware scanner that is triggered in 0.00001% of installs, doesn't mean it is any good, unless the percentage of malware caught is 100% or very high and the percentage of false alarms is very low

"An app might also install malicious code by some means after it has passed through the filter successfully. That's why Google is ramping up its scanning system"

Because why fix the filter, right?

Honestly, this is a bad solution. not only in a way of the device itself, but it also shows a lack of trust in it's own filters. I enjoy that it scans on install, it is a good feature. But to always scan will logically consume more processor time, and thus consumes more battery life. and guess what, mobile devices do not have enough battery life already, this will make it even worse. And why? Because Google's filters suck and cannot detect the malicious ability of an app. If their filters cannot detect it, then why should I trust their anti-virus scanner to be able to do so?

Not only that, but this type of protection only works after the infected app has already been spread, because only then the signature could be known. After which Google has already disabled the app and removed it from the app store.

This solution is extremely pointless and is only implemented because Google cannot trust it's own filters and are, apparently, too lazy to fix that.

This change made me seriously doubt the security of Android.

Sorian

Normal computer AVs need to scan (most every 30 days) to verify the rest of the programs on a computer haven't installed malicious programs after the fact, Android is using the same process.

Also, they didn't say how often the scans will run (1hour, 1 day, 1 week, or 1 month), or when it will scan (on charger would be the logical setting).

Wesley Modderkolk

A computer works a lot different. Files can pretty much always change each other and are not independent like apps on Android are.
An Android app cannot go and trash system files(not without root, that is) where on a computer it could.

The issue with android malware at the moment is the stealing of personal data and rogue software. And honestly, it does not sound that hard to filter those out from the play store. Certainly not when a recent "anti-virus" app only was a simple button but still got through.

Also an app sending lots of the users data over an connection does not sound very trustworthy to me.

If we take an example to Apple's App Store(yes, I have to compare it to iOS), how many times does it happen that malware, or rogue software gets through? Have only read a few cases. And this is interesting, because the Play Store and App Store are similar services. They are a marketplace for apps for the user's devices. Why is it the case that malware gets through the Play Store on a consistent basis, but not on the App Store?

The problem in this all is Google's bad checks on apps, and instead of fixing that they decide to implement redundant scans into it just to paste a bandaid over the real issue.

And yes, then you have sideloaded apps. Still, does not require the OS to actively scan apps. Scanning sideloaded apps at startup is enough if you ask me.

The whole issue is dubious app checking on the Play Store, and Google is putting a bandaid on that by reducing the already small battery life on users devices.

Ugo

"An app might also install malicious code by some means AFTER it has passed through the filter successfully"

From the same sentence you quoted. An app can be innocent at first, pass through the filters and thereafter download malicious code (using the same means the Facebook app used to use to update itself). That's why the device needs to scan regularly, in case of any changes.

Wesley Modderkolk

Yes, which only shows that the app isn't tested properly.

Not only is it against the ToS it also should be picked up by the check that will show it tries to update itself.

Also, it is no need to scan regularly. Doing a quick scan before starting the app would be well enough.

jojoban

With normal Anti-Virus app, at least I can turn off background scanning when not needed, conserving battery life.
Google should give option to turn off this background app verifier.

Sorian

It might be an option, can't tell from the brief blog post.

esper256

Although there's no way to know for sure, I would be shocked if this ever ran when the phone wasn't plugged in.

ThoFeelExp

Is this update anything to do with Heartbleed?

Transdence1

Android is not affected by Heartbleed at all except 4.1.1

ThoFeelExp

OK, Thanks

Fatal1ty_93_RUS

Am I the only one who's weirded out on a Jelly Bean status bar on Nexus 5?

Simon Belmont

Nope. You aren't.

The settings icon is also Jelly Bean. A weird choice for screenshot.

tipsy

Will you still need a mobile av with this or will it be redundant?

dudu

google just wants to have control over your apps. it's up to google which apps they put on the list. they might add some trusted root apps to the malware list or other apps google just don't want to see on your device like adaway or something else

dudu

google just wants to have control over your apps. it's up to google which apps they put on the list. they might add some trusted root apps to the malware list or other apps google just don't want to see on your device like adaway or something else

br_hermon

I hope there's still the option of enabling or disabling this feature (the picture would seem to indicate "yes) because this thing pops up like crazy when you're restoring your apps via TiBu. Major pain in the butt.

Sir Perro

Now ban all the antivirus shit from the play store and make android a better place. Please Google, please.